>

Server

Overview

Each CAPTCHA verification generates parameters that will be returned to GeeTest via your interface to validate the request.

Secondary validation API

Interface information Description
URL http://gcaptcha4.geetest.com/validate
Request method GET/POST
Type of content application/x-www-form-urlencoded
Response format json

Request parameters

Parameter Name Type Description
lot_number string Verify serial number
captcha_output string Verify output information
pass_token string Verify passing identity
gen_time string Verify passing timestamp
captcha_id string Verify id
sign_token string Verify signature

Response parameters

Parameter Name Type Description
result string Secondary validation result
reason string Validation result description
captcha_args dict Verify output parameters

Sample code

Here is an example in Python:

def post(self):
    # 1. Initialize GeeTest parameter information
    captcha_id = '647f5ed2ed8acb4be36784e01556bb71'
    captcha_key = 'b09a7aafbfd83f73b35a9b530d0337bf'
    api_server = 'http://gcaptcha4.geetest.com'

    # 2. Get the verification parameters passed from the front end after user verification  
    lot_number = self.get_argument('lot_number', '')
    captcha_output = self.get_argument('captcha_output', '')
    pass_token = self.get_argument('pass_token', '')
    gen_time = self.get_argument('gen_time', '')

     # 3. Generate signature
     # Using standard hmac algorithms to generate signatures, using the user's current verification serial number lot_number as the original message, and the client's verification private key as the key
     # Using sha256 hash algorithm to hash message and key in one direction to generate the final signature
    lotnumber_bytes = lot_number.encode()
    prikey_bytes = captcha_key.encode()
    sign_token = hmac.new(prikey_bytes, lotnumber_bytes, digestmod='SHA256').hexdigest()

     # 4. Upload verification parameters to the second verification interface of GeeTest to verify the user verification status
     query = {
        "lot_number": lot_number,
        "captcha_output": captcha_output,
        "pass_token": pass_token,
        "gen_time": gen_time,
        "sign_token": sign_token,
     }

     # captcha_idParameter is recommended to be placed after url, so that when an exception is requested, it can be quickly located in the log according to the id
     url = api_server + '/validate' + '?captcha_id={}'.format(captcha_id)

     # Pay attention to handling interface exceptions, and make corresponding exception handling when requesting GeeTest secondary verification interface exceptions or response status is not 200
     # Guarantee that the business process will not be blocked by interface request timeout or service non-response
     try:
         res = requests.post(url, query)
         assert res.status_code == 200
         gt_msg = json.loads(res.text)
     except Exception as e:
        gt_msg = {'result': 'success', 'reason': 'request geetest api fail'}

        # 5. According to the user authentication status returned by GeeTest, the website owner conducts his own business logic
        if gt_msg['result'] == 'success':
            self.write({'login': 'success', 'reason': gt_msg['reason']})
        else:
            self.write({'login': 'fail', 'reason': gt_msg['reason']})
Was this helpful?
Send